jsn.donecore.net - another victim - please check my log [Solved]

Post by mana.na » 05 Dec 2013 13:57

Rest of the OTL log:

[2013.12.03 09:59:16 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Pepa\Recent
[2013.12.03 09:59:16 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013.12.03 09:47:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Pepa\Plocha\12)OTL.exe
[2013.12.03 05:42:40 | 000,000,000 | ---D | C] -- C:\Program Files\WhoCrashed
[2013.12.03 05:42:40 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\WhoCrashed
[2013.12.02 10:05:11 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Documents and Settings\Pepa\Plocha\10)aswmbr.exe
[2013.11.30 12:18:41 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013.11.30 12:16:58 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Pepa\Nabídka Start\Programy\Nástroje pro správu
[2013.11.30 12:16:58 | 000,000,000 | R--D | C] -- D:\DOKUMENTY\Filmy
[2013.11.30 12:16:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013.11.29 12:31:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2013.11.29 12:20:38 | 001,034,531 | ---- | C] (Thisisu) -- C:\Documents and Settings\Pepa\Plocha\5)JRT.exe
[2013.11.29 12:06:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pepa\Data aplikací\Malwarebytes
[2013.11.29 12:06:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2013.11.29 12:06:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
[2013.11.29 12:06:53 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.11.29 12:06:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.11.29 12:06:41 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Pepa\Plocha\4)mbam-setup-1.75.0.1300.exe
[2013.11.28 10:09:18 | 000,000,000 | ---D | C] -- C:\Program Files\Trend Micro
[2013.11.28 10:09:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pepa\Nabídka Start\Programy\HiJackThis
[2013.11.28 08:43:30 | 000,000,000 | ---D | C] -- C:\Tools
[2013.11.28 08:43:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pepa\Nabídka Start\Programy\Tools
[2013.11.27 10:33:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pepa\Nabídka Start\Programy\Islas Canarias
[2013.11.27 10:33:16 | 000,000,000 | ---D | C] -- C:\Archivos de programa
[2013.11.20 09:57:48 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2013.11.18 07:00:29 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2013.11.05 13:25:01 | 000,000,000 | ---D | C] -- D:\DOKUMENTY\Mobogenie
[2013.11.05 13:25:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Pepa\Local Settings\Data aplikací\Mobogenie
[2013.11.05 13:24:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Nabídka Start\Programy\Digiarty
[2013.11.05 13:24:33 | 000,000,000 | ---D | C] -- C:\Program Files\Digiarty
[2013.11.05 13:24:18 | 000,000,000 | ---D | C] -- C:\Program Files\Mobogenie
[2013.11.05 13:08:43 | 000,000,000 | ---D | C] -- C:\My Video
[2013.11.05 13:07:58 | 000,000,000 | ---D | C] -- C:\Program Files\Crystal Software

========== Files - Modified Within 30 Days ==========

[2013.12.05 12:10:01 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2013.12.05 12:04:11 | 000,004,726 | ---- | M] () -- C:\WINDOWS\wincmd.ini
[2013.12.05 11:29:00 | 000,000,914 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2013.12.05 06:10:00 | 000,000,932 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2013.12.05 05:28:51 | 000,063,671 | ---- | M] () -- C:\WINDOWS\System32\nvwsapps.xml
[2013.12.05 05:28:36 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2013.12.05 05:28:34 | 000,000,286 | ---- | M] () -- C:\WINDOWS\tasks\SimpleFilesUpdate.job
[2013.12.05 05:27:50 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.12.04 13:08:24 | 000,000,112 | ---- | M] () -- C:\WINDOWS\ccolwiz.ini
[2013.12.03 10:03:38 | 000,292,480 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.12.03 09:59:53 | 000,024,098 | ---- | M] () -- D:\DOKUMENTY\cc_20131203_095951.reg
[2013.12.03 09:47:00 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Pepa\Plocha\12)OTL.exe
[2013.12.02 10:05:11 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Documents and Settings\Pepa\Plocha\10)aswmbr.exe
[2013.12.02 05:38:24 | 000,000,752 | ---- | M] () -- C:\Documents and Settings\Pepa\Nabídka Start\Programy\Po spuštění\PopTray.lnk
[2013.11.30 12:18:45 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2013.11.29 12:20:49 | 003,687,936 | ---- | M] () -- C:\Documents and Settings\Pepa\Plocha\6)RogueKiller.exe
[2013.11.29 12:20:41 | 001,034,531 | ---- | M] (Thisisu) -- C:\Documents and Settings\Pepa\Plocha\5)JRT.exe
[2013.11.29 12:06:54 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2013.11.28 16:29:30 | 000,002,439 | ---- | M] () -- C:\Documents and Settings\Pepa\Plocha\HiJackThis.lnk
[2013.11.28 10:07:01 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Pepa\Plocha\4)mbam-setup-1.75.0.1300.exe
[2013.11.28 10:06:01 | 001,091,882 | ---- | M] () -- C:\Documents and Settings\Pepa\Plocha\3)adwcleaner.exe
[2013.11.28 09:53:49 | 000,000,303 | ---- | M] () -- C:\WINDOWS\wininit.ini
[2013.11.28 08:03:36 | 000,029,922 | ---- | M] () -- D:\DOKUMENTY\cc_20131128_080334.reg
[2013.11.19 14:33:42 | 000,417,418 | ---- | M] () -- C:\acadminidump.dmp
[2013.11.18 12:43:13 | 000,000,600 | ---- | M] () -- C:\Documents and Settings\Pepa\PUTTY.RND
[2013.11.18 07:48:27 | 000,000,067 | ---- | M] () -- C:\WINDOWS\iltwain.ini
[2013.11.18 06:12:29 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Plocha\Google Chrome.lnk
[2013.11.14 08:17:46 | 000,493,298 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.11.14 08:17:46 | 000,489,062 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.11.14 08:17:46 | 000,097,718 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.11.14 08:17:46 | 000,083,946 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2013.11.14 05:46:47 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerApp.exe
[2013.11.14 05:46:46 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\System32\FlashPlayerCPLApp.cpl
[2013.11.07 13:58:56 | 000,000,116 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2013.11.05 13:30:12 | 000,011,776 | ---- | M] () -- C:\Documents and Settings\Pepa\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.11.05 13:11:33 | 000,000,117 | ---- | M] () -- C:\WINDOWS\crywmvtoavi.ini
[2013.11.05 13:11:33 | 000,000,005 | ---- | M] () -- C:\WINDOWS\System32\SySwmvtoavi.dat

========== Files Created - No Company Name ==========

[2013.12.03 09:59:52 | 000,024,098 | ---- | C] () -- D:\DOKUMENTY\cc_20131203_095951.reg
[2013.12.02 05:38:24 | 000,000,752 | ---- | C] () -- C:\Documents and Settings\Pepa\Nabídka Start\Programy\Po spuštění\PopTray.lnk
[2013.11.30 12:18:45 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2013.11.30 12:18:43 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2013.11.29 12:20:49 | 003,687,936 | ---- | C] () -- C:\Documents and Settings\Pepa\Plocha\6)RogueKiller.exe
[2013.11.29 12:06:54 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Plocha\Malwarebytes Anti-Malware.lnk
[2013.11.29 12:00:39 | 001,091,882 | ---- | C] () -- C:\Documents and Settings\Pepa\Plocha\3)adwcleaner.exe
[2013.11.28 10:09:18 | 000,002,439 | ---- | C] () -- C:\Documents and Settings\Pepa\Plocha\HiJackThis.lnk
[2013.11.28 09:53:49 | 000,000,303 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2013.11.28 08:03:35 | 000,029,922 | ---- | C] () -- D:\DOKUMENTY\cc_20131128_080334.reg
[2013.11.18 12:43:13 | 000,000,600 | ---- | C] () -- C:\Documents and Settings\Pepa\PUTTY.RND
[2013.11.08 06:37:17 | 000,000,986 | ---- | C] () -- C:\Documents and Settings\All Users\Nabídka Start\Programy\KeePass.lnk
[2013.11.05 13:08:40 | 000,000,117 | ---- | C] () -- C:\WINDOWS\crywmvtoavi.ini
[2013.11.05 13:08:03 | 000,000,005 | ---- | C] () -- C:\WINDOWS\System32\SySwmvtoavi.dat
[2013.10.29 10:40:21 | 000,004,758 | ---- | C] () -- C:\Documents and Settings\Pepa\Local Settings\Data aplikací\recently-used.xbel
[2013.08.27 04:46:18 | 000,019,840 | ---- | C] () -- C:\WINDOWS\System32\EuEpmGdi.dll
[2013.08.27 04:46:17 | 002,469,760 | ---- | C] () -- C:\WINDOWS\System32\BootMan.exe
[2013.08.27 04:46:17 | 000,086,408 | ---- | C] () -- C:\WINDOWS\System32\setupempdrv03.exe
[2013.08.27 04:46:17 | 000,013,192 | ---- | C] () -- C:\WINDOWS\System32\epmntdrv.sys
[2013.08.27 04:46:17 | 000,008,456 | ---- | C] () -- C:\WINDOWS\System32\EuGdiDrv.sys
[2013.08.06 08:27:14 | 000,110,592 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDevice.Dll
[2013.08.06 08:27:14 | 000,037,344 | ---- | C] () -- C:\WINDOWS\System32\FsUsbExDisk.Sys
[2013.08.01 10:59:22 | 000,155,648 | ---- | C] () -- C:\WINDOWS\System32\hpsfs.dll
[2013.07.30 07:44:43 | 000,000,203 | ---- | C] () -- C:\Documents and Settings\Pepa\Data aplikací\.ptbt0
[2012.08.14 10:55:19 | 000,006,388 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2012.07.25 13:25:21 | 000,000,346 | ---- | C] () -- C:\WINDOWS\wcx_ftp.ini
[2012.06.07 07:05:33 | 000,005,504 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2012.05.17 05:18:31 | 000,000,008 | RHS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\DA33173657.sys
[2012.05.17 05:18:30 | 000,003,140 | -HS- | C] () -- C:\Documents and Settings\All Users\Data aplikací\KGyGaAvL.sys
[2012.05.10 08:44:27 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll
[2012.04.20 06:08:46 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\Ry4CoInst.dll
[2012.02.29 14:23:31 | 000,000,534 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2012.02.16 05:45:17 | 000,003,072 | ---- | C] () -- C:\WINDOWS\System32\iacenc.dll
[2012.01.23 15:02:50 | 000,000,001 | ---- | C] () -- C:\Documents and Settings\Pepa\Local Settings\Data aplikací\llftool.4.25.agreement
[2012.01.19 10:25:51 | 000,116,224 | ---- | C] () -- C:\WINDOWS\System32\pdfcmnnt.dll
[2012.01.16 10:25:30 | 000,000,067 | ---- | C] () -- C:\WINDOWS\iltwain.ini
[2012.01.09 10:57:33 | 000,011,776 | ---- | C] () -- C:\Documents and Settings\Pepa\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.23 20:58:28 | 000,030,568 | ---- | C] () -- C:\WINDOWS\MusiccityDownload.exe
[2011.12.23 20:58:24 | 000,974,848 | ---- | C] () -- C:\WINDOWS\System32\cis-2.4.dll
[2011.12.23 20:58:24 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\issacapi_bs-2.3.dll
[2011.12.23 20:58:24 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\issacapi_pe-2.3.dll
[2011.12.23 20:58:24 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\issacapi_se-2.3.dll
[2011.12.16 16:31:31 | 000,000,116 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2011.12.08 16:00:33 | 004,452,666 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-S-1-5-21-73586283-790525478-839522115-1003-0.dat
[2011.12.08 16:00:32 | 000,252,930 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\WPFFontCache_v0400-System.dat
[2011.12.08 15:55:17 | 000,000,147 | ---- | C] () -- C:\Documents and Settings\All Users\Data aplikací\Microsoft.SqlServer.Compact.351.32.bc
[2011.12.08 14:51:48 | 000,003,165 | R--- | C] () -- C:\WINDOWS\System32\hptcpmon.ini
[2011.12.08 14:51:48 | 000,000,148 | ---- | C] () -- C:\WINDOWS\System32\AddPort.ini
[2011.12.08 14:51:04 | 000,000,701 | ---- | C] () -- C:\WINDOWS\hpntwksetup.ini
[2011.12.08 14:21:37 | 000,049,601 | ---- | C] () -- C:\WINDOWS\HPHins04.dat
[2011.12.08 14:21:37 | 000,002,725 | ---- | C] () -- C:\WINDOWS\hphmdl03.dat
[2011.12.08 14:03:16 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ccolwiz.ini
[2011.12.08 13:44:07 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011.12.08 13:43:00 | 000,292,480 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011.12.08 13:36:07 | 000,004,726 | ---- | C] () -- C:\WINDOWS\wincmd.ini
[2011.12.08 13:10:23 | 000,049,152 | R--- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2011.12.08 12:54:14 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011.12.08 12:50:11 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat

========== ZeroAccess Check ==========

[2011.12.08 15:46:04 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2008.04.14 04:21:55 | 001,499,648 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.02.09 11:56:05 | 000,473,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2008.04.14 04:22:05 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

========== LOP Check ==========

[2013.07.31 05:12:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\ab studio
[2013.09.17 12:26:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Autodesk
[2013.01.30 16:07:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG January 2013 Campaign
[2013.06.17 04:56:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\AVG2013
[2012.06.07 07:06:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Canneverbe Limited
[2011.12.08 13:30:23 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Data aplikací\Common Files
[2012.10.15 05:07:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Easy File & Folder Protector
[2012.04.19 12:22:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\EnaN8
[2013.08.27 09:49:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\GARMIN
[2013.10.29 15:04:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Graitec
[2013.12.05 11:54:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\MFAData
[2013.07.31 14:03:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Okidata
[2012.03.13 07:01:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\PhotoME
[2012.01.09 10:25:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Samsung
[2012.11.06 05:04:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\SPW-M
[2011.12.09 06:18:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\System
[2012.01.02 11:52:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\TEMP
[2012.10.29 12:56:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Western Digital
[2012.02.16 08:36:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\CENZURA
[2012.01.18 11:45:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Data aplikací\Zoner
[2013.07.31 05:15:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pepa\Data aplikací\ab studio
[2013.09.17 12:22:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pepa\Data aplikací\Autodesk
[2013.06.17 04:57:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pepa\Data aplikací\AVG2013
[2012.06.07 07:06:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pepa\Data aplikací\Canneverbe Limited
[2012.04.20 05:16:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pepa\Data aplikací\Chinaweal Longteng
[2013.08.27 09:49:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pepa\Data aplikací\GARMIN
[2012.02.29 14:23:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pepa\Data aplikací\GrCAD
[2012.06.12 12:44:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pepa\Data aplikací\gtk-2.0
[2013.11.29 08:49:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pepa\Data aplikací\ICQ
[2013.11.08 06:37:43 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pepa\Data aplikací\KeePass
[2012.03.12 07:20:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pepa\Data aplikací\MAXON
[2012.08.16 06:17:19 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pepa\Data aplikací\Mobile Atlas Creator
[2013.08.01 05:21:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pepa\Data aplikací\Okidata
[2012.11.14 07:38:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pepa\Data aplikací\Samsung
[2013.10.02 15:02:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pepa\Data aplikací\SimpleFiles
[2013.08.22 13:03:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pepa\Data aplikací\TeamViewer
[2012.01.09 10:27:39 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pepa\Data aplikací\Temp
[2011.12.09 06:39:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pepa\Data aplikací\Thunderbird
[2012.05.03 08:32:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pepa\Data aplikací\TrueCrypt
[2013.06.17 04:54:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pepa\Data aplikací\TuneUp Software
[2012.09.05 09:04:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pepa\Data aplikací\XnConvert
[2011.12.09 07:10:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pepa\Data aplikací\XnView
[2013.09.18 10:53:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pepa\Data aplikací\Zoner
[2012.04.20 06:09:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Pepa\Data aplikací\ZWSoft

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:9FA5EC55

< End of report >

Post by mana.na » 05 Dec 2013 13:57

Extras log:

OTL Extras logfile created on: 5.12.2013 12:05:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Pepa\Plocha
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy

3,50 Gb Total Physical Memory | 2,29 Gb Available Physical Memory | 65,36% Memory free
5,34 Gb Paging File | 4,46 Gb Available in Paging File | 83,65% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 97,65 Gb Total Space | 49,26 Gb Free Space | 50,45% Space Free | Partition Type: NTFS
Drive D: | 368,10 Gb Total Space | 110,27 Gb Free Space | 29,96% Space Free | Partition Type: NTFS
Drive H: | 5493,93 Gb Total Space | 5225,07 Gb Free Space | 95,11% Space Free | Partition Type: NTFS
Drive P: | 196,86 Gb Total Space | 62,68 Gb Free Space | 31,84% Space Free | Partition Type: NTFS

Computer Name: PC-17 | User Name: Pepa | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.url [@ = InternetShortcut] -- rundll32.exe ieframe.dll,OpenURL %l
.scr [@ = Reg Error: Key error.] -- Reg Error: Key error. File not found

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
htafile [open] -- "%1" %*
InternetShortcut [open] -- rundll32.exe ieframe.dll,OpenURL %l
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Browse with FastStone] -- "C:\Program Files\FastStone Image Viewer\FSViewer.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Prozkoumat v XnView] -- "C:\Program Files\XnView\xnview.exe" "%1" (XnView, http://www.xnview.com)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Sr]
"Start" = 4

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SrService]
"Start" = 2

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"50248:TCP" = 50248:TCP:*:Enabled:Autodesk Content Service

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\ICQ7.7\ICQ.exe" = C:\Program Files\ICQ7.7\ICQ.exe:*:Enabled:ICQ7.7 -- (ICQ, LLC.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation)
"C:\Program Files\ICQ7.7\ICQ.exe" = C:\Program Files\ICQ7.7\ICQ.exe:*:Enabled:ICQ7.7 -- (ICQ, LLC.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\WINDOWS\system32\hphmon06.exe" = C:\WINDOWS\system32\hphmon06.exe:*:Enabled:HPHmon06 -- (Hewlett-Packard)
"C:\WINDOWS\system32\muzapp.exe" = C:\WINDOWS\system32\muzapp.exe:*:Enabled:MUZ AOD APP player -- (Musiccity Co.Ltd.)
"C:\totalcmd\TOTALCMD.EXE" = C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows -- (C. Ghisler & Co.)
"C:\Documents and Settings\Pepa\Local Settings\Data aplikací\Akamai\netsession_win.exe" = C:\Documents and Settings\Pepa\Local Settings\Data aplikací\Akamai\netsession_win.exe:*:Enabled:Akamai NetSession Client
"C:\Program Files\AVG\AVG2013\avgmfapx.exe" = C:\Program Files\AVG\AVG2013\avgmfapx.exe:*:Enabled:Instalátor AVG -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\TeamViewer\Version8\TeamViewer.exe" = C:\Program Files\TeamViewer\Version8\TeamViewer.exe:*:Enabled:Teamviewer Remote Control Application -- (TeamViewer GmbH)
"C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe" = C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe:*:Enabled:Teamviewer Remote Control Service -- (TeamViewer GmbH)
"C:\Program Files\SimpleFiles\downloader.exe" = C:\Program Files\SimpleFiles\downloader.exe:*:Enabled:SimpleFiles -- (http://simple-files.com/)
"C:\Program Files\SimpleFiles\SimpleFiles.exe" = C:\Program Files\SimpleFiles\SimpleFiles.exe:*:Enabled:SimpleFiles -- (http://simple-files.com/)
"C:\Program Files\AVG\AVG2013\avgnsx.exe" = C:\Program Files\AVG\AVG2013\avgnsx.exe:*:Enabled:Webový štít -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2013\avgdiagex.exe" = C:\Program Files\AVG\AVG2013\avgdiagex.exe:*:Enabled:AVG Diagnostika 2013 -- (AVG Technologies CZ, s.r.o.)
"C:\Program Files\AVG\AVG2013\avgemcx.exe" = C:\Program Files\AVG\AVG2013\avgemcx.exe:*:Enabled:Obecná kontrola pošty -- (AVG Technologies CZ, s.r.o.)


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{099DE9EF-2781-4A72-BD0F-53AAC78A93B2}" = OKI Network Setting
"{0A0CADCF-78DA-33C4-A350-CD51849B9702}" = Microsoft .NET Framework 4 Extended
"{0ABCECAD-0600-0400-0100-0AB013000000}" = CADKON Stavební konstrukce 2013
"{0ABCECAD-0600-0400-0100-0AB014000000}" = CADKON Stavební konstrukce 2014
"{0ABCECAD-0600-0400-0100-0ABCECAD0120}" = CADKON Stavební konstrukce 2012
"{0ABCECAD-0600-0400-0100-0ABCECAD0121}" = CADKON Stavební konstrukce 2012.1
"{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}" = HP USB Disk Storage Format Tool
"{0F55DD09-15EC-4F5D-B517-94852884AEF5}" = OKI Configuration Tool
"{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}" = Autodesk Material Library 2013
"{15B3667C-3468-4B03-8CC1-0EE41AD589F3}" = PSPrinters06
"{17079027-EB8A-42C6-9BF8-825B78889F6A}" = Garmin Communicator Plugin
"{1727CD47-A408-11d2-AFAD-00C04F72FB3E}" = VBA (2720)
"{17293791-C82E-476C-9997-9A0FF234A19B}" = HP Product Assistant
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = CENZURA 3.5
"{1B8FE958-A304-4902-BF7A-4E2F0F5B7017}_is1" = GPSBabel 1.4.3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{20FBC0A0-3160-4F14-83ED-3A74BB6B8C31}" = TrayApp
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 35
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 40
"{2E8428AD-6CD2-4031-916A-3CF9BBF2DEC9}" = Unload
"{328019A7-0012-401D-96A2-4CDDD02675A8}" = Garmin POI Loader
"{350C9405-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3762DB2D-71BD-421F-9E55-C74DA7DF4D07}" = CueTour
"{38ADB9A6-798C-11D6-A855-00105A80791C}" = OKI Network Extension
"{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}" = Gigabyte Raid Configurer
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3D599ADA-65D9-4B51-898F-CE718DEC5DBB}" = Microsoft Image Composite Editor
"{45A66726-69BC-466B-A7A4-12FCBA4883D7}" = HiJackThis
"{49603CBF-8861-4D94-AD85-E4854AD366CA}" = AVG 2013
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51BF3210-B825-4092-8E0D-66D689916E02}" = Autodesk Material Library Base Resolution Image Library 2014
"{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}" = Autodesk 360
"{5783F2D7-A009-0405-0002-0060B0CE6BBA}" = AutoCAD LT 2012 - Czech
"{5783F2D7-A009-0405-1002-0060B0CE6BBA}" = AutoCAD LT 2012 Language Pack - Czech
"{5783F2D7-B009-0000-0002-0060B0CE6BBA}" = AutoCAD LT 2013 – Čeština (Czech)
"{5783F2D7-B009-0405-1002-0060B0CE6BBA}" = AutoCAD LT 2013 Language Pack – Čeština (Czech)
"{5783F2D7-B009-0405-2002-0060B0CE6BBA}" = AutoCAD LT 2013 – Čeština (Czech)
"{5783F2D7-B028-0409-0000-0060B0CE6BBA}" = DWG TrueView 2013
"{5783F2D7-D009-0000-0002-0060B0CE6BBA}" = AutoCAD LT 2014 – Čeština (Czech)
"{5783F2D7-D009-0405-1002-0060B0CE6BBA}" = AutoCAD LT 2014 Language Pack – Čeština (Czech)
"{5783F2D7-D009-0405-2002-0060B0CE6BBA}" = AutoCAD LT 2014 – Čeština (Czech)
"{5CA74EDC-CFC3-4FA0-AED7-1415CA19F250}" = Garmin POI Loader
"{5D729200-F340-4A74-A1E9-32387CDC63EF}" = OKI Color Correct Utility
"{606E12B9-641F-4644-A22A-FF38AE980AFD}" = Autodesk Material Library Base Resolution Image Library 2013
"{6280C3D1-00A3-4E79-BDF6-98332A29B706}" = AVG 2013
"{62F029AB-85F2-0000-866A-9FC0DD99DDBC}" = Autodesk Content Service
"{62F029AB-85F2-0001-866A-9FC0DD99DDBC}" = Autodesk Content Service Language Pack
"{644F9B19-A462-499C-BF4D-300ABC2A28B1}" = Autodesk Material Library 2014
"{64FC0C98-B035-4530-B15D-3D30610B6DF1}" = HP Software Update
"{65420DC9-306E-4371-905F-F4DC3B418E52}" = Autodesk Material Library Base Resolution Image Library 2012
"{698BBAD8-B116-495D-B879-0F07A533E57F}" = Samsung Story Album Viewer
"{6C94A234-CA2C-4D3C-81E6-6AAA8069825D}" = Garmin WebUpdater
"{700A6597-3CE6-49C1-AA75-846B24CDA66D}" = BufferChm
"{7036A6F4-5DAD-3908-956D-1752CD7F7E5A}" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}" = ICQ7.7
"{795B33DF-67F6-48FB-A730-7B9A6AE35E8D}" = PS8700
"{7AD25C9F-9957-4D1C-95EF-9BCD09F6D31B}" = HPSystemDiagnostics
"{7C4142F1-8C82-4E7D-B540-3E783B2B7F9A}" = AB Softlock 4
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84AC08CB-C712-40DB-950F-4E0CA6170B8D}" = SlimComputer
"{84CDF5A8-1D57-4B69-BAB6-1F11D8923375}" = SkinsHP1
"{8777AC6D-89F9-4793-8266-DE406F343E89}" = QFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}" = Autodesk Material Library 2012
"{90120000-0010-0405-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Czech) 12
"{90120000-0012-0000-0000-0000000FF1CE}" = Microsoft Office Standard 2007
"{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0405-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Czech) 2007
"{90120000-0016-0405-0000-0000000FF1CE}_STANDARD_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0405-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Czech) 2007
"{90120000-0018-0405-0000-0000000FF1CE}_STANDARD_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0405-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Czech) 2007
"{90120000-001A-0405-0000-0000000FF1CE}_STANDARD_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0405-0000-0000000FF1CE}" = Microsoft Office Word MUI (Czech) 2007
"{90120000-001B-0405-0000-0000000FF1CE}_STANDARD_{3FD35521-B8F1-4CE0-85E0-DC6CA1E01012}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0405-0000-0000000FF1CE}" = Microsoft Office Proof (Czech) 2007
"{90120000-001F-0405-0000-0000000FF1CE}_STANDARD_{0B7A4B67-2A38-42B1-9857-662FAB361E08}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_STANDARD_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_STANDARD_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-041B-0000-0000000FF1CE}" = Microsoft Office Proof (Slovak) 2007
"{90120000-001F-041B-0000-0000000FF1CE}_STANDARD_{FDF9A959-241A-4662-A8DE-7DED9C22D160}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0405-0000-0000000FF1CE}" = Microsoft Office Proofing (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Czech) 2007
"{90120000-006E-0405-0000-0000000FF1CE}_STANDARD_{A0AAD4D5-9F9C-49BB-AB64-0FD4695424E8}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9427081E-AC7E-49D4-964F-E2E27C7175BF}" = OKI Alert Info
"{96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3}" = Google Earth
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DDFFAAF-E1BE-470C-8533-D5C186056922}" = Autodesk 123D 32 Bit
"{9DE3F260-B88E-42CE-90E7-73C78C37D95E}" = 32 Bit HP BiDi Channel Components Installer
"{A2DE62D8-EF1B-36CB-B461-B1E221ED8608}" = Microsoft .NET Framework 4 Extended CSY Language Pack
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A344F95E-E51A-450C-8F84-C940BF61903E}" = OKI Color Swatch Utility
"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable
"{A5355F15-F98B-4704-9BAE-E53B9FE48F48}" = SDFormatter
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}" = Garmin USB Drivers
"{AC76BA86-7AD7-1029-7B44-AA1000000001}" = Adobe Reader X (10.1.8) - Czech
"{AC816FE8-3022-404F-8BE4-A07B5586F4E3}" = Garmin BaseCamp
"{AFECFED6-0A43-488F-8511-1DC6B52F31C3}_is1" = Fast Duplicate File Finder 2.8.0.1
"{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy
"{B911B811-BA3E-46D4-90F8-6F3338359651}" = Director
"{BA2D9411-DBB4-43e4-9421-780413650A67}" = Photosmart 320,370,7400,8100,8400,8700 Series
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C7BCF2EA-4AE1-4AF0-9EAB-2252015C4DF2}" = OKI Storage Manager
"{C8244493-32A4-4275-8145-D16FFE1D8E36}" = OKI User Setting
"{C9BED750-1211-4480-B1A5-718A3BE15525}" = REALTEK GbE & FE Ethernet PCI-E NIC Driver
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CDFCF124-115F-4976-8BF4-08C89187A146}" = WebReg
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D02220CE-1475-4F0F-9F12-251161999D53}" = Garmin MapSource
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D4E9C626-14A8-4AEB-92F3-BE65EC4CFAEF}" = OKI Device Setting
"{D755C7A3-C03E-4460-8C00-AC6E55505FB5}" = LightScribe 1.4.74.1
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media Encoder 9 Series
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0D44E64-51EE-4888-A1FD-F13108B75A43}" = Garmin MapInstall
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FF9CD712-03B8-4786-A792-390808F0D958}" = Schueco Architect Library
"98157A226B40B173301B0F53C8E98C47805D5152" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0)
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AutoCAD LT 2012 - Czech" = AutoCAD LT 2012 - Czech
"AutoCAD LT 2013 – Čeština (Czech)" = AutoCAD LT 2013 – Čeština (Czech)
"AutoCAD LT 2013 – Čeština (Czech) SP2" = AutoCAD LT 2013 – Čeština (Czech) SP2
"AutoCAD LT 2014 – Čeština (Czech)" = Autodesk AutoCAD LT 2014 – Čeština (Czech)
"AutoCAD LT 2014 – Čeština (Czech) SP1" = Autodesk AutoCAD LT 2014 – Čeština (Czech) SP1
"Autodesk Content Service" = Autodesk Content Service
"AVG" = AVG 2013
"BIT-View_is1" = BIT-View 2.05.00
"CCleaner" = CCleaner
"CDex" = CDex - Open Source Digital Audio CD Extractor
"CobBackup11" = Cobian Backup 11 Gravity
"CzechRep_by_Dave_Luv" = CzechRep_by_Dave_Luv
"DWG TrueView 2013" = DWG TrueView 2013
"EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 9.1.0 Home Edition
"Easy File & Folder Protector_is1" = Easy File & Folder Protector v5.1
"FastStone Capture" = FastStone Capture 4.0
"FastStone Image Viewer" = FastStone Image Viewer 4.0
"GeoGet_is1" = GeoGet 2.8.0.732
"GIMP-2_is1" = GIMP 2.8.0
"Google Chrome" = Google Chrome
"HD Tune_is1" = HD Tune 2.55
"HP Photo & Imaging" = HP Image Zone 4.7
"Hugin" = Hugin 2011.2.0
"ie8" = Windows Internet Explorer 8
"InstallShield_{0ABCECAD-0600-0400-0100-0AB013000000}" = CADKON Stavební konstrukce 2013 pro AutoCAD LT 2013 - česky
"InstallShield_{0ABCECAD-0600-0400-0100-0AB014000000}" = CADKON Stavební konstrukce 2014 pro AutoCAD LT 2014 – Čeština (Czech)
"InstallShield_{0ABCECAD-0600-0400-0100-0ABCECAD0120}" = CADKON Stavební konstrukce 2012 pro AutoCAD LT 2012 - Czech
"InstallShield_{0ABCECAD-0600-0400-0100-0ABCECAD0121}" = CADKON Stavební konstrukce 2012.1 pro AutoCAD LT 2012 - Czech
"InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}" = Samsung Story Album Viewer
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Islas Canarias" = Islas Canarias 2.0
"KeePass Password Safe_is1" = KeePass Password Safe 1.26
"KeePassPasswordSafe2_is1" = KeePass Password Safe 2.23
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware verze 1.75.0.1300
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile CSY Language Pack" = Microsoft .NET Framework 4 Client Profile CSY Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended CSY Language Pack" = Microsoft .NET Framework 4 Extended CSY Language Pack
"Mozilla Firefox 25.0.1 (x86 cs)" = Mozilla Firefox 25.0.1 (x86 cs)
"Mozilla Thunderbird 24.1.1 (x86 cs)" = Mozilla Thunderbird 24.1.1 (x86 cs)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"mtt12" = Mp3 Tag Tools v1.2
"Nero - Burning Rom!UninstallKey" = Nero OEM
"NVIDIA Drivers" = NVIDIA Drivers
"OSM generic routable" = OSM generic routable
"PhotoME_is1" = PhotoME
"PopTray" = PopTray 3.20 (beta 4)
"Recuva" = Recuva
"Sadovnická projekce - Mini verze_is1" = Sadovnická projekce - Mini verze
"Shortcut Doctor" = Shortcut Doctor
"STANDARD" = Microsoft Office Standard 2007
"Sweet Home 3D_is1" = Sweet Home 3D version 4.1
"TeamViewer 8" = TeamViewer 8
"The KMPlayer" = The KMPlayer (remove only)
"Totalcmd" = Total Commander (Remove or Repair)
"TrueCrypt" = TrueCrypt
"VirtualKeyboard" = Virtual Keyboard 3.2.1
"walleycz" = walleycz
"WhoCrashed_is1" = WhoCrashed 5.00
"Winamp" = Winamp
"Windows Media Encoder 9" = Windows Media Encoder 9 Series
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"WinRAR archiver" = WinRAR 4.11 (32-bit)
"WinX Free WMV to AVI Converter_is1" = WinX Free WMV to AVI Converter 2.0.5
"XnConvert_is1" = XnConvert 1.50
"XnView_is1" = XnView 1.98.2
"ZonerPhotoStudio15_CZ_is1" = Zoner Photo Studio 15
"ZonerPhotoStudio16_CZ_is1" = Zoner Photo Studio 16

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"SimpleFiles" = SimpleFiles

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 19.11.2013 9:29:37 | Computer Name = PC-17 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace acadlt.exe, verze 25.0.204.0, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 25.11.2013 0:25:26 | Computer Name = PC-17 | Source = Application Error | ID = 1000
Description = Chybující aplikace xnview.exe, verze 1.98.0.0, chybující modul xnview.exe,
verze 1.98.0.0, adresa chyby 0x000e6fb3.

Error - 28.11.2013 3:04:29 | Computer Name = PC-17 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace CCleaner.exe, verze 4.2.0.4115, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 28.11.2013 3:04:32 | Computer Name = PC-17 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace CCleaner.exe, verze 4.2.0.4115, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 28.11.2013 3:10:19 | Computer Name = PC-17 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace ShortcutsSearchAndReplace.exe, verze 1.6.5.0,
zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 28.11.2013 3:10:57 | Computer Name = PC-17 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace ShortcutsSearchAndReplace.exe, verze 1.6.5.0,
zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 28.11.2013 3:11:03 | Computer Name = PC-17 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace ShortcutsSearchAndReplace.exe, verze 1.6.5.0,
zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 28.11.2013 3:11:14 | Computer Name = PC-17 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace ShortcutsSearchAndReplace.exe, verze 1.6.5.0,
zablokovaný modul hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

Error - 28.11.2013 4:31:18 | Computer Name = PC-17 | Source = MsiInstaller | ID = 11721
Description = Produkt: SpyHunter -- Chyba 1721. U balíčku Instalační služby systému
Windows došlo k potížím. Program požadovaný k dokončení této instalace nemůže být
spuštěn. Obraťte se na oddělení odborné pomoci nebo na dodavatele balíčku. Akce:
, umístění: WiseCustomCall, příkaz: g3

Error - 29.11.2013 6:50:49 | Computer Name = PC-17 | Source = Application Hang | ID = 1002
Description = Zablokovaná aplikace geoget.exe, verze 2.8.0.732, zablokovaný modul
hungapp, verze 0.0.0.0, adresa bloku 0x00000000.

[ OSession Events ]
Error - 7.1.2013 1:53:32 | Computer Name = PC-17 | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 7
seconds with 0 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 2.12.2013 5:26:08 | Computer Name = PC-17 | Source = Service Control Manager | ID = 7000
Description = Služba Util diamondata neuspěla při spuštění v důsledku následující
chyby: %%3

Error - 2.12.2013 5:26:51 | Computer Name = PC-17 | Source = System Error | ID = 1003
Description = Kód chyby 00000019, parametr1 00000020, parametr2 89f0e000, parametr3
89f0e418, parametr4 1a830000.

Error - 2.12.2013 5:28:21 | Computer Name = PC-17 | Source = Service Control Manager | ID = 7022
Description = Služba Autodesk Content Service přestala během spouštění reagovat.

Error - 3.12.2013 0:36:26 | Computer Name = PC-17 | Source = Service Control Manager | ID = 7000
Description = Služba Util diamondata neuspěla při spuštění v důsledku následující
chyby: %%3

Error - 3.12.2013 0:38:35 | Computer Name = PC-17 | Source = Service Control Manager | ID = 7022
Description = Služba Autodesk Content Service přestala během spouštění reagovat.

Error - 3.12.2013 0:43:47 | Computer Name = PC-17 | Source = Service Control Manager | ID = 7031
Description = Služba TeamViewer 8 byla nečekaně ukončena. Stalo se to 1 krát. Následující
opravná akce bude spuštěna za 2000 milisekund: Restartovat službu.

Error - 3.12.2013 5:06:02 | Computer Name = PC-17 | Source = Service Control Manager | ID = 7022
Description = Služba Autodesk Content Service přestala během spouštění reagovat.

Error - 3.12.2013 5:59:52 | Computer Name = PC-17 | Source = Service Control Manager | ID = 7031
Description = Služba TeamViewer 8 byla nečekaně ukončena. Stalo se to 1 krát. Následující
opravná akce bude spuštěna za 2000 milisekund: Restartovat službu.

Error - 4.12.2013 0:31:34 | Computer Name = PC-17 | Source = Service Control Manager | ID = 7022
Description = Služba Autodesk Content Service přestala během spouštění reagovat.

Error - 5.12.2013 0:29:53 | Computer Name = PC-17 | Source = Service Control Manager | ID = 7022
Description = Služba Autodesk Content Service přestala během spouštění reagovat.


< End of report >

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: South Bohemia
Gender: Male
Status:
Offline

Re: jsn.donecore.net - another victim - please check my log

Post by jaro3 » 05 Dec 2013 19:25

Double-click the OTL icon on the desktop. Make sure all other applications and browsers are closed.
Under Custom Scans/Fixes, paste the following text, shown in green, into the box:

Code: Select all

:OTL
PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation)
PRC - C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
DRV - (WDICA) -- File not found
DRV - (PDRFRAME) -- File not found
DRV - (PDRELI) -- File not found
DRV - (PDFRAME) -- File not found
DRV - (PDCOMP) -- File not found
DRV - (PCIDump) -- File not found
DRV - (lbrtfdc) -- File not found
DRV - (i2omgmt) -- File not found
DRV - (Changer) -- File not found
DRV - (esgiguard) -- C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope = {F5B0C4CA-C626-4C8F-9EC6-231E5A8CB584}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{6796947F-440C-41D8-9A35-F6CCECB0E5A8}: "URL" = http://search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{F5B0C4CA-C626-4C8F-9EC6-231E5A8CB584}: "URL" = http://search.yahoo.com/search?fr=chr-g ... =937811&p={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
FF - prefs.js..extensions.enabledAddons: %7B5C655500-E712-41e7-9349-CE462F844B19%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.1.0
FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:7.4
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
[2011.12.08 14:48:45 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Extensions
[2013.12.05 05:55:00 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions
[2013.11.05 13:24:23 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profileszg7n3fl4.default\extensions
[2013.01.02 07:49:46 | 000,151,038 | ---- | M] () (No name found) -- C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi
[2013.12.05 05:55:00 | 000,152,125 | ---- | M] () (No name found) -- C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2013.10.10 05:43:36 | 000,915,554 | ---- | M] () (No name found) -- C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.11.18 07:00:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2013.11.18 07:00:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2013.11.18 07:00:29 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2013.11.18 07:00:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\browser\extensions
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PEPA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\ZG7N3FL4.DEFAULT\EXTENSIONS\{195A3098-0BD5-4E90-AE22-BA1C540AFD1E}
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PEPA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\ZG7N3FL4.DEFAULT\EXTENSIONS\{5C655500-E712-41E7-9349-CE462F844B19}.XPI
File not found (No name found) -- C:\DOCUMENTS AND SETTINGS\PEPA\DATA APLIKACĂ\MOZILLA\FIREFOX\PROFILES\ZG7N3FL4.DEFAULT\EXTENSIONS\{9AA46F4F-4DC7-4C06-97AF-5035170634FE}.XPI
CHR - default_search_provider: DaleSearch (Enabled)
O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k File not found
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
[2013.11.14 08:17:46 | 000,493,298 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2013.11.14 08:17:46 | 000,489,062 | ---- | M] () -- C:\WINDOWS\System32\perfh005.dat
[2013.11.14 08:17:46 | 000,097,718 | ---- | M] () -- C:\WINDOWS\System32\perfc005.dat
[2013.11.14 08:17:46 | 000,083,946 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
@Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Data aplikací\TEMP:9FA5EC55

:Files
C:\WINDOWS\System32\*.tmp
C:\WINDOWS\*.tmp
C:\WINDOWS\system32\*.tmp.dll
C:\WINDOWS\System32\dllcache\*.tmp
C:\WINDOWS\system32\SET*.tmp
C:\WINDOWS\system32\DUMP*.tmp
c:\windows\Tasks\*.job /s
C:\*.tmp
C:\WINDOWS\System32\drivers\*.tmp
C:\Documents and Settings\All Users\Data aplikací\*.tmp
C:\WINDOWS\System32\SySwmvtoavi.dat
C:\WINDOWS\wininit.ini
C:\WINDOWS\crywmvtoavi.ini
C:\WINDOWS\System32\d3d9caps.dat
C:\Documents and Settings\All Users\Data aplikací\DA33173657.sys
C:\Documents and Settings\All Users\Data aplikací\KGyGaAvL.sys
C:\Documents and Settings\Pepa\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
C:\WINDOWS\MusiccityDownload.exe
C:\WINDOWS\System32\cis-2.4.dll
C:\WINDOWS\System32\issacapi_bs-2.3.dll
C:\WINDOWS\System32\issacapi_pe-2.3.dll
C:\WINDOWS\System32\issacapi_se-2.3.dll

:Reg
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" =-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" =-

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]

Then click Run Fix at the top. Let the program run undisturbed; at the end the PC will restart.
After the restart a log will appear; please copy its entire contents here.

In Folder Options, enable showing hidden files and folders, and uncheck "Hide protected operating system files".

Test this on VirusTotal:
C:\WINDOWS\ccolwiz.ini

Click Choose to the right of the box and find the required file on your PC in Explorer. Select it with the mouse and click Open, then click Send File. If the file has already been tested, a window appears in which you click Reanalyze. The file will then be scanned by a series of antivirus programs. When the last antivirus has finished, the result appears at the top with the number of detections in red, e.g. 0/43 or 1/43. Then copy the link to that page and paste it into your post.

Or at:
http://www.virscan.org/

C:\Documents and Settings\All Users\Data aplikací\System - look into this folder and see what it contains.

O1 - Hosts: 192.168.1.140 HP001185015802 - does that mean anything to you?
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs via private messages. In my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Support the forum

mana.na
newbie
Posts: 22
Registered: November 13
Gender: Male
Status:
Offline

Re: jsn.donecore.net - another victim - please check my log

Post by mana.na » 06 Dec 2013 05:59

OTL log:

All processes killed
========== OTL ==========
No active process named explorer.exe was found!
No active process named firefox.exe was found!
Service WDICA stopped successfully!
Service WDICA deleted successfully!
File File not found not found.
Service PDRFRAME stopped successfully!
Service PDRFRAME deleted successfully!
File File not found not found.
Service PDRELI stopped successfully!
Service PDRELI deleted successfully!
File File not found not found.
Service PDFRAME stopped successfully!
Service PDFRAME deleted successfully!
File File not found not found.
Service PDCOMP stopped successfully!
Service PDCOMP deleted successfully!
File File not found not found.
Service PCIDump stopped successfully!
Service PCIDump deleted successfully!
File File not found not found.
Service lbrtfdc stopped successfully!
Service lbrtfdc deleted successfully!
File File not found not found.
Service i2omgmt stopped successfully!
Service i2omgmt deleted successfully!
File File not found not found.
Service Changer stopped successfully!
Service Changer deleted successfully!
File File not found not found.
Service esgiguard stopped successfully!
Service esgiguard deleted successfully!
File C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys File not found not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully!
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6796947F-440C-41D8-9A35-F6CCECB0E5A8}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6796947F-440C-41D8-9A35-F6CCECB0E5A8}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{F5B0C4CA-C626-4C8F-9EC6-231E5A8CB584}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F5B0C4CA-C626-4C8F-9EC6-231E5A8CB584}\ not found.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: %7B5C655500-E712-41e7-9349-CE462F844B19%7D:1.0 removed from extensions.enabledAddons
Prefs.js: %7B195A3098-0BD5-4e90-AE22-BA1C540AFD1E%7D:4.1.0 removed from extensions.enabledAddons
Prefs.js: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:7.4 removed from extensions.enabledAddons
Prefs.js: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1 removed from extensions.enabledAddons
C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Extensions folder moved successfully.
C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources\English.lproj folder moved successfully.
C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\Resources folder moved successfully.
C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents\MacOS folder moved successfully.
C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin\Contents folder moved successfully.
C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins\GarminGpsControl.plugin folder moved successfully.
C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}\plugins folder moved successfully.
C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} folder moved successfully.
C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions\WebSiteRecommendation@weliketheweb.com\chrome\skin\classic folder moved successfully.
C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions\WebSiteRecommendation@weliketheweb.com\chrome\skin folder moved successfully.
C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions\WebSiteRecommendation@weliketheweb.com\chrome\locale\en-US folder moved successfully.
C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions\WebSiteRecommendation@weliketheweb.com\chrome\locale folder moved successfully.
C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions\WebSiteRecommendation@weliketheweb.com\chrome\content folder moved successfully.
C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions\WebSiteRecommendation@weliketheweb.com\chrome folder moved successfully.
C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions\WebSiteRecommendation@weliketheweb.com folder moved successfully.
C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions folder moved successfully.
C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profileszg7n3fl4.default\extensions\staged\WebSiteRecommendation@weliketheweb.com folder moved successfully.
C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profileszg7n3fl4.default\extensions\staged folder moved successfully.
C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profileszg7n3fl4.default\extensions folder moved successfully.
File C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi not found.
File C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi not found.
File C:\Documents and Settings\Pepa\Data aplikací\Mozilla\Firefox\Profiles\zg7n3fl4.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi not found.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-TW\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-TW folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-CN\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\zh-CN folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\sv-SE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\sv-SE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ko-KR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ko-KR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ja-JP\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\ja-JP folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\it-IT\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\it-IT folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\fr-FR\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\fr-FR folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\es-ES\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\es-ES folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\en-US\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\en-US folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\de-DE\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale\de-DE folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\locale folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\content\ffjcext folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome\content folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\chrome folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} folder moved successfully.
C:\Program Files\Mozilla Firefox\extensions folder moved successfully.
Folder C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\ not found.
Folder C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\ not found.
C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} folder moved successfully.
C:\Program Files\Mozilla Firefox\browser\extensions folder moved successfully.
Use Chrome's Settings page to remove the default_search_provider items.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\KernelFaultCheck deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Internet Explorer\Restrictions\ deleted successfully.
Registry key HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Control Panel\ deleted successfully.
C:\WINDOWS\system32\perfh009.dat moved successfully.
C:\WINDOWS\system32\perfh005.dat moved successfully.
C:\WINDOWS\system32\perfc005.dat moved successfully.
C:\WINDOWS\system32\perfc009.dat moved successfully.
ADS C:\Documents and Settings\All Users\Data aplikací\TEMP:9FA5EC55 deleted successfully.
========== FILES ==========
File\Folder C:\WINDOWS\System32\*.tmp not found.
File\Folder C:\WINDOWS\*.tmp not found.
File\Folder C:\WINDOWS\system32\*.tmp.dll not found.
File\Folder C:\WINDOWS\System32\dllcache\*.tmp not found.
File\Folder C:\WINDOWS\system32\SET*.tmp not found.
File\Folder C:\WINDOWS\system32\DUMP*.tmp not found.
c:\windows\Tasks\Adobe Flash Player Updater.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineCore.job moved successfully.
c:\windows\Tasks\GoogleUpdateTaskMachineUA.job moved successfully.
c:\windows\Tasks\SimpleFilesUpdate.job moved successfully.
File\Folder C:\*.tmp not found.
File\Folder C:\WINDOWS\System32\drivers\*.tmp not found.
File\Folder C:\Documents and Settings\All Users\Data aplikací\*.tmp not found.
C:\WINDOWS\System32\SySwmvtoavi.dat moved successfully.
C:\WINDOWS\wininit.ini moved successfully.
C:\WINDOWS\crywmvtoavi.ini moved successfully.
C:\WINDOWS\System32\d3d9caps.dat moved successfully.
C:\Documents and Settings\All Users\Data aplikací\DA33173657.sys moved successfully.
C:\Documents and Settings\All Users\Data aplikací\KGyGaAvL.sys moved successfully.
C:\Documents and Settings\Pepa\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini moved successfully.
C:\WINDOWS\MusiccityDownload.exe moved successfully.
C:\WINDOWS\System32\cis-2.4.dll moved successfully.
C:\WINDOWS\System32\issacapi_bs-2.3.dll moved successfully.
C:\WINDOWS\System32\issacapi_pe-2.3.dll moved successfully.
C:\WINDOWS\System32\issacapi_se-2.3.dll moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\FirstRunDisabled deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore\\DisableSR deleted successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 32902 bytes

User: Pepa
->Temp folder emptied: 71130332 bytes
->Temporary Internet Files folder emptied: 4798926 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 44022439 bytes
->Google Chrome cache emptied: 60337485 bytes
->Flash cache emptied: 2082 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 33447 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 7838548 bytes

Total Files Cleaned = 180,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 12062013_055314

Files\Folders moved on Reboot...
File\Folder C:\Documents and Settings\Pepa\Local Settings\Temp\tmp18.tmp not found!
File\Folder C:\Documents and Settings\Pepa\Local Settings\Temp\tmp28.tmp not found!
File\Folder C:\Documents and Settings\Pepa\Local Settings\Temp\tmp38.tmp not found!
File\Folder C:\Documents and Settings\Pepa\Local Settings\Temp\tmp4B.tmp not found!
File\Folder C:\Documents and Settings\Pepa\Local Settings\Temp\tmp7.tmp not found!

PendingFileRenameOperations files...

Registry entries deleted on Reboot...


Post by mana.na » 06 Dec 2013 06:08

File C:\windows\ccolwiz.ini - clean according to VirusTotal. I looked inside it; there are only a few lines, and by all appearances it is a configuration file for plotters. File contents:

[HP DesignJet 750C+]
ShowUIWarning=0
PrintedUDTile=0
[HP DesignJet 1050C]
ShowUIWarning=0
PrintedUDTile=0

.

C:\Documents and Settings\All Users\Data aplikací\System look into this folder and see what it contains - there is one file in it, "A050E00G.L04", size 886b

O1 - Hosts: 192.168.1.140 HP001185015802 does that mean anything to you?? - the printer is attached on this port


Post by jaro3 » 06 Dec 2013 09:50

A050E00G.L04 -- upload that file to VirusTotal.

How about the problems?
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Post by mana.na » 06 Dec 2013 10:04

clean according to VirusTotal

looks like it will be OK, nothing pops up at me in Firefox anymore :-)


Post by jaro3 » 06 Dec 2013 20:12

Run OTL and click Clean Up.

If there are no problems, that is all and you can mark the thread as solved, the green check mark.

